Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2020-1472

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC). An attacker who successfully exploited the vulnerability could run a specially crafted application on a device on the network. To exploit the vulnerability, an unauthenticated attacker would be required to use MS-NRPC to connect to a domain controller to obtain domain administrator access. Microsoft is addressing the vulnerability in a phased two-part rollout. These updates address the vulnerability by modifying how Netlogon handles the usage of Netlogon secure channels. For guidelines on how to manage the changes required for this vulnerability and more information on the phased rollout, see How to manage the changes in Netlogon secure channel connections associated with CVE-2020-1472 (updated September 28, 2020). When the second phase of Windows updates become available in Q1 2021, customers will be notified via a revision to this security vulnerability. If you wish to be notified when these updates are released, we recommend that you register for the security notifications mailer to be alerted of content changes to this advisory. See Microsoft Technical Security Notifications.

Published

2020-08-17T19:15:15.117

Last Modified

2025-03-07T15:52:30.803

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

8.6

Impact Score

10.0

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	microsoft	windows_server_1903	*	Yes
Operating System	microsoft	windows_server_1909	*	Yes
Operating System	microsoft	windows_server_2004	-	Yes
Operating System	microsoft	windows_server_2008	r2	Yes
Operating System	microsoft	windows_server_2012	-	Yes
Operating System	microsoft	windows_server_2012	r2	Yes
Operating System	microsoft	windows_server_2016	-	Yes
Operating System	microsoft	windows_server_2019	-	Yes
Operating System	microsoft	windows_server_20h2	-	Yes
Operating System	fedoraproject	fedora	31	Yes
Operating System	fedoraproject	fedora	32	Yes
Operating System	fedoraproject	fedora	33	Yes
Operating System	opensuse	leap	15.1	Yes
Operating System	opensuse	leap	15.2	Yes
Operating System	canonical	ubuntu_linux	14.04	Yes
Operating System	canonical	ubuntu_linux	16.04	Yes
Operating System	canonical	ubuntu_linux	16.04	Yes
Operating System	canonical	ubuntu_linux	18.04	Yes
Operating System	canonical	ubuntu_linux	20.04	Yes
Application	synology	directory_server	< 4.4.5-0101	Yes
Application	samba	samba	< 4.10.18	Yes
Application	samba	samba	< 4.11.13	Yes
Application	samba	samba	< 4.12.7	Yes
Operating System	debian	debian_linux	9.0	Yes
Application	oracle	zfs_storage_appliance_kit	8.8	Yes

References

http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html Mailing List, Third Party Advisory ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html Mailing List, Third Party Advisory ([email protected])
http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html Third Party Advisory, VDB Entry ([email protected])
http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html Exploit, Third Party Advisory, VDB Entry ([email protected])
http://www.openwall.com/lists/oss-security/2020/09/17/2 Mailing List, Third Party Advisory ([email protected])
https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html Mailing List, Third Party Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/ Mailing List, Third Party Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/ Mailing List, Third Party Advisory ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/ Mailing List, Third Party Advisory ([email protected])
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472 Patch, Vendor Advisory ([email protected])
https://security.gentoo.org/glsa/202012-24 Third Party Advisory ([email protected])
https://usn.ubuntu.com/4510-1/ Third Party Advisory ([email protected])
https://usn.ubuntu.com/4510-2/ Third Party Advisory ([email protected])
https://usn.ubuntu.com/4559-1/ Third Party Advisory ([email protected])
https://www.kb.cert.org/vuls/id/490028 Third Party Advisory, US Government Resource ([email protected])
https://www.oracle.com/security-alerts/cpuApr2021.html Patch, Third Party Advisory ([email protected])
https://www.synology.com/security/advisory/Synology_SA_20_21 Third Party Advisory ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00080.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00086.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/159190/Zerologon-Proof-Of-Concept.html Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.openwall.com/lists/oss-security/2020/09/17/2 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.debian.org/debian-lts-announce/2020/11/msg00041.html Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H4OTFBL6YDVFH2TBJFJIE4FMHPJEEJK3/ Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ST6X3A2XXYMGD4INR26DQ4FP4QSM753B/ Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TAPQQZZAT4TG3XVRTAFV2Y3S7OAHFBUP/ Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472 Patch, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.gentoo.org/glsa/202012-24 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/4510-1/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/4510-2/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/4559-1/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.kb.cert.org/vuls/id/490028 Third Party Advisory, US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
https://www.oracle.com/security-alerts/cpuApr2021.html Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.synology.com/security/advisory/Synology_SA_20_21 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)